In many computing applications it is desirable to keep data secure. For example, in a medical setting, regulations require that security measures be used to prevent patient data from being accessed by unauthorized parties. If financial data, such as credit card numbers or social security numbers for customers of a business, were obtained by malicious parties, large financial losses could occur.
To protect data, enterprises may maintain their own computer systems using various security techniques to prevent unauthorized access to data. The enterprise can use physical and electronic techniques to control access to secure data. An alternative approach to protect data, even when access to the data cannot be precluded in all cases, is to encrypt the data when stored in the computer system.
Data that has been encrypted—or otherwise processed such that, even if an unauthorized party accesses the data, that party cannot determine the meaning of the data—is sometimes called “cyphertext.” In a corporate network, confidential data may be stored as cyphertext, except when actually being processed. By controlling the security information, such as encryption keys, that can convert cyphertext to “cleartext,” security of the data can be maintained by limiting existence of data in cleartext except in highly restrictive settings that are secure.
More recently, data is being stored or processed in “the cloud.” Cloud service providers—rather than the enterprises that have data to process—provide computing resources, including processing and database storage. Cloud service providers make computing resources available to the customers, each of which makes a service level agreement (SLA) with the cloud service provider to have access to a certain level of computing resources. The enterprises access these resources by submitting jobs over the Internet for processing on the computer resources “rented” from the cloud service provider.
Traditional techniques for maintaining data security in the cloud environment do not apply. Though data may be transmitted over the Internet as cyphertext, once it is received by the cloud service provider, it is, for many operations, converted to cleartext. As a result, employees of the cloud service provider, who are inherently outside the enterprise, have access to the cleartext data and possibly to the security information for converting the cyphertext to cleartext.